公开(公告)号：US20200134222A1

公开(公告)日：2020-04-30

申请号：US16174548

申请日：2018-10-30

Applicant: Citrix Systems, Inc.

Inventor： James Robert Walker

IPC: G06F21/62 ,  G06F21/60

Abstract: In response to determining that a graphical user interface displayed on the display device of a mobile device at the time a screenshot capture request is received is being generated at least in part by an enterprise application executing within a protected workspace container in the mobile device, a secure screenshot save operation is performed. The secure screenshot save operation includes i) storing, within the mobile device, a screenshot image of the graphical user interface displayed on the display device of the mobile device at the time the screenshot capture request is received, and ii) preventing the screenshot image from being accessed by any personal application executing on the mobile device outside of the protected workspace container.

公开(公告)号：US20160301666A9

公开(公告)日：2016-10-13

申请号：US14535597

申请日：2014-11-07

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F2221/2105 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

公开(公告)号：US20160026462A1

公开(公告)日：2016-01-28

申请号：US14876832

申请日：2015-10-07

Applicant: Citrix Systems, Inc.

Inventor： Zhongmin Lang ,  Gary Barton ,  James Robert Walker ,  Vipin Aravindakshan

IPC: G06F9/44 ,  G06F9/445

CPC classification number: G06F8/76 ,  G06F8/52 ,  G06F8/65 ,  G06F8/72 ,  G06F9/45504 ,  G06F9/45516 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57

Abstract: Methods and systems for developing, modifying, and distributing software applications for enterprise systems are described herein. A software component, such as a native mobile application or a template application, may be modified into a managed mobile application, and metadata associated with the managed mobile application may be generated. The managed application and associated metadata may be provided to one or more application stores, such as public application stores and/or enterprise application stores. Managed applications and/or associated metadata may be retrieved by computing devices from public application stores and/or enterprise application stores, and may be executed as managed applications in an enterprise system.

Abstract translation: 本文描述了用于开发，修改和分发企业系统的软件应用程序的方法和系统。 诸如本地移动应用或模板应用的软件组件可以被修改为被管理的移动应用，并且可以生成与被管理的移动应用相关联的元数据。 被管理的应用程序和关联的元数据可以被提供给一个或多个应用商店，诸如公共应用商店和/或企业应用商店。 管理的应用程序和/或相关联的元数据可以通过从公共应用程序存储器和/或企业应用程序存储器中的计算设备来检索，并且可以作为企业系统中的被管理应用来执行。

公开(公告)号：US08931078B2

公开(公告)日：2015-01-06

申请号：US14029096

申请日：2013-09-17

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/0272 ,  H04L63/0807 ,  H04L63/0884 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

Abstract translation: 本公开的各个方面涉及提供每应用程序策略控制的虚拟专用网（VPN）隧道。 在一些实施例中，票据可以用于提供对企业资源的访问，而不需要对应用的单独认证，并且在某些情况下可以以这样的方式使用，以便在重新建立每个应用程序策略时向用户提供无缝体验 在票的生命周期内控制VPN隧道。 另外的方面涉及提供对移动设备的更新的策略信息和故障单的接入网关。 其他方面涉及从移动设备的安全容器中选择性地擦拭票据。 另外的方面涉及在诸如管理模式和非托管模式的多种模式中的操作应用，以及基于上述方面中的一个或多个来提供与认证相关的服务。

公开(公告)号：US08799994B2

公开(公告)日：2014-08-05

申请号：US14044928

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: G06F21/00 ,  H04L12/58 ,  G06F21/62 ,  H04L29/08 ,  G06F21/72 ,  H04L29/06

CPC classification number: G06F21/72 ,  G06F21/6218 ,  G06F21/629 ,  G06F2221/2111 ,  H04L51/08 ,  H04L63/20 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20140096186A1

公开(公告)日：2014-04-03

申请号：US14096418

申请日：2013-12-04

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: H04L29/06

CPC classification number: G06F21/72 ,  G06F21/6218 ,  G06F21/629 ,  G06F2221/2111 ,  H04L51/08 ,  H04L63/20 ,  H04L67/10 ,  H04W12/0027 ,  H04W12/00503 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20140040638A1

公开(公告)日：2014-02-06

申请号：US14044919

申请日：2013-10-03

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  James Robert Walker ,  Nitin Desai ,  Zhongmin Lang

IPC: G06F21/60 ,  H04L29/06 ,  G06F21/72

CPC classification number: H04L63/20 ,  G06F21/335 ,  G06F21/54 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/2101 ,  G06F2221/2111 ,  G06F2221/2137 ,  G06F2221/2143 ,  H04L41/00 ,  H04L41/28 ,  H04L51/08 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/102 ,  H04L63/104 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

公开(公告)号：US20200104145A1

公开(公告)日：2020-04-02

申请号：US16145927

申请日：2018-09-28

Applicant: Citrix Systems, Inc.

Inventor： James Robert Walker

IPC: G06F9/451 ,  G06F3/0484 ,  G06F8/34 ,  G06F8/20

Abstract: Starting execution of a mobile application on a mobile device causes the mobile application to invoke an initialization method that i) creates a substitute application class loader, and ii) replaces a default application class loader for the mobile application with the substitute application class loader. The substitute application class loader processes a request for a requested object class defined by the mobile application by returning, instead of the requested object class, an alternate object class that is different from the requested object class and that is defined by mobile application management logic also executing on the mobile device. Continued execution of the mobile application on the mobile device includes performing at least one mobile application management action using the alternate object class returned by the substitute application class loader.

公开(公告)号：US09654508B2

公开(公告)日：2017-05-16

申请号：US14508245

申请日：2014-10-07

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: G06F21/62 ,  H04L29/06 ,  H04L12/24 ,  H04L29/08 ,  G06F21/60 ,  G06F21/88 ,  H04W8/18 ,  G06F9/455 ,  H04W12/08 ,  G06F9/44 ,  G06F3/0481 ,  G06Q10/10

CPC classification number: H04L63/20 ,  G06F3/0481 ,  G06F9/452 ,  G06F9/45533 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/88 ,  G06F2221/2143 ,  G06Q10/10 ,  H04L41/046 ,  H04L63/0272 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/10 ,  H04L63/205 ,  H04L67/34 ,  H04W8/18 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to configuring and providing policies that manage execution of mobile applications. In some embodiments, a user interface may be generated that allows an IT administrator or other operator to set, change and/or add to policy settings. The policy settings can be formatted into a policy file and be made available for download to a mobile device, such as via an application store or to be pushed to the mobile device as part of a data push service. The mobile device, based on the various settings included in the policy file, may perform various actions to enforce the security constraints that are represented by the policy. The various settings that can be included in a policy are numerous and some examples and variations thereof are described in connection with the example embodiments discussed herein.

公开(公告)号：US09602474B2

公开(公告)日：2017-03-21

申请号：US14607593

申请日：2015-01-28

Applicant: Citrix Systems, Inc.

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Robert Walker

IPC: G06F21/62 ,  H04L29/06 ,  G06F21/60 ,  G06F21/88 ,  H04W12/06 ,  H04W12/08 ,  H04L29/08

CPC classification number: G06F21/602 ,  G06F21/60 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L63/0428 ,  H04L67/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.